package com.ys.erp.stage_mall_service.utils;

import cn.hutool.crypto.BCUtil;
import com.wechat.pay.contrib.apache.httpclient.WechatPayHttpClientBuilder;
import com.wechat.pay.contrib.apache.httpclient.auth.PrivateKeySigner;
import com.wechat.pay.contrib.apache.httpclient.auth.Verifier;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Credentials;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Validator;
import com.wechat.pay.contrib.apache.httpclient.cert.CertificatesManager;
import com.wechat.pay.java.core.RSAAutoCertificateConfig;
import org.apache.http.impl.client.CloseableHttpClient;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;

/**
 * @author lwj
 * @date 2023/5/7
 */
@Configuration
public class WxPayConfig {

    @Value("${wx.bus-id}")
    private String busId;

    @Value("${wx.pay-secret}")
    private String paySecret;

    @Value("${wx.cert-no}")
    private String certNo;


    @Bean
    public RSAAutoCertificateConfig autoCertificateConfig(
            @Qualifier("apiClientKey") PrivateKey privateKey
    ) throws IOException {
        return new RSAAutoCertificateConfig.Builder()
                .merchantId(busId)
                .privateKey(privateKey)
                .merchantSerialNumber(certNo)
                .apiV3Key(paySecret)
                .build();
    }

    @Bean
    public CloseableHttpClient wechatPayHttpClientBuilder(
            @Qualifier("apiClientKey") PrivateKey privateKey
    ) throws Exception {

        // 获取证书管理器实例
        CertificatesManager certificatesManager = CertificatesManager.getInstance();
        // 向证书管理器增加需要自动更新平台证书的商户信息
        certificatesManager.putMerchant(busId, new WechatPay2Credentials(busId,
                new PrivateKeySigner(certNo, privateKey)), paySecret.getBytes(StandardCharsets.UTF_8));
        // ... 若有多个商户号，可继续调用putMerchant添加商户信息
        // 从证书管理器中获取verifier
        Verifier verifier = certificatesManager.getVerifier("1565846101");
        WechatPayHttpClientBuilder builder = WechatPayHttpClientBuilder.create()
                .withMerchant(busId, certNo,
                        privateKey)
                .withValidator(new WechatPay2Validator(verifier));
        return builder.build();
    }

    @Bean("apiClientKey")
    public PrivateKey privateKey() throws IOException {
        java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        PrivateKey privateKey;
        Resource resource = new ClassPathResource("\\wx\\apiclient_key.pem");
        try (InputStream is = resource.getInputStream()) {
            privateKey = BCUtil.readPemPrivateKey(is);
        }
        return privateKey;
    }

}
